×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
I hack your dns and it now thinks that amazon.com is 208.4.5.6.
We are NOT talking about redirects which take you from amazon.com to
fraud.com! Your URL still says amazon.com even though you are going to
the wrong IP address. And what user verifies the IP address? Now, if
your browser allows self signed certificates then I simply selfsign a new
certificate to amazon.com and put it on my fraudulent 208.4.5.6 site.
Then, as far as you know you are at the real amazon.com
Ok, internally. I know that if I go to corp.dekko.com it should be an
internal site. That should be safe, right? On there you enter a user and
password and look at your W2 information. So now I hack our DNS and point
it to an outside address with a selfsigned certificate and as far as you
know you're still using the internal site, right? Again, what user checks
the IP address? After all, the URL still says corp.dekko.com, right?
Again, we are NOT talking about redirects! This is why many sites do not
even allow them to work internally. Because you may say it's internal and
should be trusted. But that can easily be hacked.
Rob Berendt
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.